134 Commits

Author SHA1 Message Date
Mathias Ewald
3894883871 External Ceph - Implementation Cinder
This patch adds support for external Ceph clusters for Cinder.

For clean integration the backend configuration mechanism had to be
slightly adjusted.

We now have the option to enable multiple backends for Cinder
independently.

Currently, the flags cinder_backend_iscsi and cinder_backend_ceph are
used to toggle backends.

Documentation on how to use external ceph was added.

Change-Id: I7e0267b90d62d6d881f24f063cdb894422ec8618
Partially-Implements: Blueprint: external-ceph
2016-07-19 12:45:48 +00:00
Jenkins
ef0d8da2cb Merge "TrivialFix:modify the spelling mistakes" 2016-07-15 11:24:10 +00:00
Jing Sun
9aa385a72a TrivialFix:modify the spelling mistakes
Change-Id: Ida7742920051db7120f953a04243e3b03629b975
2016-07-15 16:46:23 +08:00
Mathias Ewald
f16a45180c External Ceph support - Implementation Glance
Most simple implementation of external ceph support.

We use INI merge to configure RBD backend for Glance and copy
ceph.conf and keyring provided by the user into the container.

Set_configs.py had to be extended to support globbing (wildcards) in
order to copy ceph keyring file which is named depending on the cephx
user name.

Partially-Implements Blueprint: external-ceph
Partially-Implements Blueprint: selectable-ceph

Change-Id: Iacadbd8ec9956e9f075206ea03b28f044cb6ffb8
2016-07-14 14:05:34 +00:00
Carlos Cesario
115c55e1fe Add multipathing support to docker container
Due some cinder drivers need multipathing support like this one
http://docs.openstack.org/mitaka/config-reference/block-storage/drivers/ibm-storwize-svc-driver.html

This PS will allow to run these additional drivers when using Kolla.

Implements: blueprint multipath-support
Change-Id: Id6cf29f984c92773bbfc2f95daea573a74701648
2016-07-11 09:07:21 -03:00
Takeaki Matsumoto
138c6426bd Add enable_iscsi option to etc/kolla/globals.yml
To use Cinder LVM2 backend with iSCSI,
add enable_iscsi option and fix document.

Change-Id: I286733508b5582c311c313c172b3c3a774be993c
Closes-Bug: #1599088
2016-07-07 22:18:02 +09:00
Jenkins
7f447eb354 Merge "Make Neutron QoS service plugin configurable" 2016-06-20 10:55:01 +00:00
Christian Berendt
a7f93b09bb Make Neutron QoS service plugin configurable
This introduces a new configuration parameter neutron_enable_qos to
be able to enable the Neutron QoS service plugin.

More details about the Neutron QoS service plugin are available at:

http://docs.openstack.org/liberty/networking-guide/adv-config-qos.html

Change-Id: I8525bf4dce5f1e225f72a4e1c3760b64a36b17f6
Closes-bug: #1593183
Implements: bp netowrking-qos
2016-06-18 15:53:12 +00:00
Jenkins
e48f68c82a Merge "Implement ceilometer ansible role" 2016-06-18 04:05:52 +00:00
hanchao
4aa0951053 TrivialFix: A typo fix in the globals.yml
Correct `container` to `contain` in the comment.

Change-Id: Ia156676406fac8745e1c7873bae6a5884d6ce27e
2016-06-17 15:46:09 +08:00
Hui Kang
4108c6c6ec Implement ceilometer ansible role
Change-Id: I13c50a78b2dc7c98b720a4b2e7161104213bd295
Implements: bp ansible-ceilometer
2016-06-16 22:05:56 -04:00
Daneyon Hansen
ba30579b3b Adds Neutron LBaaS Support
Previously, kolla did not support neutron lbaas functionality.
Only Lbaasv2 is supported in Mitaka. Additional information can
be found here:
http://docs.openstack.org/mitaka/networking-guide/adv-config-lbaas.html
Magnum uses Neutron Lbaas to provide high availability to COE API
and Etcd endpoints within a bay. Therefore, Neutron Lbaas is required
for Kolla to support Magnum.

Co-Authored-By: Serguei Bezverkhi <sbezverk@cisco.com>
Partial-Bug: #1551992

Change-Id: I05360b7c447c601fcb3c2b6b2a913ef5cc0f3a1b
2016-05-27 11:41:25 -04:00
Jenkins
fef79059b7 Merge "Adding variables for Cinder iSCSI backend configuration" 2016-05-23 09:52:48 +00:00
weiyu
b071bb22c9 Add a cluster_network interface when we use ceph
Because of the consideration of security and performance, ceph community
recommend the use of two separate network public networks and cluster
networks. refer:
http://docs.ceph.com/docs/master/rados/configuration/network-config-ref/

DocImpact
Closes-Bug: #1582095
Change-Id: I8cb0e14f86c859820fbbb8af8f94ac8155338e13
2016-05-17 14:09:36 +08:00
Serguei Bezverkhi
4150df42e2 Adding variables for Cinder iSCSI backend configuration
This fix adds several variables required for Cinder iSCSI backend
configutation.

Change-Id: I2f709f8589fdbf62e3d0b265452fd58f413bee65
Closes-Bug: #1579800
2016-05-09 11:15:32 -04:00
Jeffrey Zhang
9318b93c73 Remove the useless nova_ssh configure in the passwords.yml
The nova_ssh_private_key and nova_ssh_public_key is useless, and
they should not be merged.

Change-Id: I7e7178398242060a78fe7caee6e14fa77f2ffe35
Closes-Bug: #1576199
2016-04-28 20:55:56 +08:00
Jeffrey Zhang
42420830f6 Implement nova-ssh container
Add a nova-ssh container to handle the `nova migrate` and
`nova resize` case, in which the nova will use ssh to copy
files between machines.

Change-Id: Ie6675943f3aeabfbba8589d308d55b9c89d732db
Closes-Bug: #1562141
2016-04-03 07:21:17 +00:00
Serguei Bezverkhi
2e396fec98 Restoring openstack_release option
This patch restores openstack_release option in globals.yml

Closes-Bug: 1565353

Change-Id: I00342d1f52360e7d2c38b4467dc0b4049b7191dd
2016-04-02 17:17:43 -04:00
Carlos Cesario
676998a124 Make keepalived virtual_router_id param configurable
To be kolla deploy multiple clouds, we need to be able to configure
virtual_router_id other wise haproxy will fail setup the VIP for the
second cloud.

Partially-Implements: blueprint multiple-cloud
Closes-Bug: #1564547
Change-Id: I9eb27dd6fba61205841eadafc96601e235d2fe6d
2016-04-01 17:35:35 -03:00
Mauricio Lima
47a6d1039d Update swift name
TrivialFix

Change-Id: I852acea531c9c9ed68e83fbf98860453da1ce98f
2016-03-30 11:39:35 -04:00
MD NADEEM
e1b9b8e7f5 Add optional services option in globals.yml
Closes-Bug: #1563642
Change-Id: Id047dbcd438edc748fbe928cabbdbc1060c7c3de
2016-03-30 03:05:38 +00:00
Jenkins
beaee72f0f Merge "Add kibana authentication using HAproxy" 2016-03-25 10:53:57 +00:00
akwasniewska
ba62740a93 Add kibana authentication using HAproxy
Change-Id: Ib501571dd34cb68924775ce738499d63df5718dd
Closes-Bug: 1556487
2016-03-24 11:46:06 +01:00
Jenkins
35fda60255 Merge "Fix inconsistancy in globals.yml" 2016-03-23 22:08:50 +00:00
Carlos Cesario
1d31b79e23 Remove static password
Remove static password into file passwords.yml

Change-Id: I68d766b9d9b4a7055629473de9bb9d6ab59d8503
Closes-Bug: #1559266
2016-03-21 18:12:32 -03:00
SamYaple
f03e06e09b Add generate_passwords.py to generate passwords
As with all tools, this is a first pass at the generation. Perhaps we
even want to move this into kolla/kolla/cmd and be generated with tox
itself in the future.

This tool, when run, will only populate empty fields that have no
values meaning that it is safe to run repeatedly on the same file.

Of note, there is no way to preserve comments in the file after it has
been processed by the yaml parser in python. Comments and sections
will remain in the passwords.yml template for additional documentation
if the user wishes to populate the file themselves.

Use SystemRandom and clean up the docs a bit to not use pronouns.

Co-Authored-By: Steven Dake <stdake@cisco.com>

Closes-Bug: #1559266
Change-Id: I2932d592df8871f1b7811059206d0b4d0553a687
2016-03-21 17:02:23 +00:00
SamYaple
d786ac948a Move manila variable
The user variable was incorrectly in passwords.yml

The naming was inconsistent, it should be prefixed with manila_*

Removed old unused variable

TrivialFix

Change-Id: I182797fcc6d62d35174403d78d71c8ad7ddcbc43
2016-03-19 23:55:13 +00:00
SamYaple
d4535b6dc3 Add memcached_servers to keystone_auth section
The in-process cache for keystone tokens has been deprecated due to
"incosistent results and high memory usage" with the expectation we
switch to memcached_servers if we want to stay performant.

Add memcache_servers [cache] section to the appropriate servers as the
[DEFAULT]\memcache_servers options was deprecated.

TrivialFix
Related-Id: Ied2b88c8cefe5655a88d0c2f334de04e588fa75a

Change-Id: Ic971bdddc0be3338b15924f7cc0f97d4a3ad2440
2016-03-19 21:53:03 +00:00
MD NADEEM
de695f04db Fix inconsistancy in globals.yml
The parameter values in global.yml were inconsist,
for some variable default values are shown while for
others it's not.

From user point of view it is important to know
the default values of the parameters and the globals.yml is
the file where user is supposed to look for config variable,
for sure a user do not want to look kolla/ansible/group_var/all.yml
file just for checking default values. So it is better to show all
default values in global.yml

This patch will solve this issue.

TrivialFix

Change-Id: I991fc5e1d4ed48d106da002a0f18a2b31525a482
2016-03-18 15:17:10 +00:00
MD NADEEM
bb342b074b Correct var name in globals.yml
Change variable name ceph_use_cache to ceph_enable_cache

TrivialFix

Change-Id: Ifeabf2a7212a78a81703f3e867c2566652b1aebc
2016-03-18 09:42:53 +05:30
Serguei Bezverkhi
c2f2be4d5e Changing Swift option section in globals.yml
This patch adds some explanations for different options available
in /etc/kolla/globals.yml for customizing swift configuration.

Trivial fix

Change-Id: Iaf03f5293804d63c87d8881ac4282909a81b0bfe
2016-03-17 14:26:00 -04:00
Gerard Braad — 吉拉德
5dcee1ae80 Changed port of docker_registry in globals.yml
Changed docker_registry placeholder for consistency with
documentation; port 4000 is used instead of Docker's default port
5000 to avoid conflicts.

TrivialFix

Change-Id: I539547ce573642022ccdf1fbb47b4adc2f852ff2
2016-03-17 02:57:54 +00:00
Thiago Gomes
2ea890a77d Fix default value on globals for config_strategy
In kolla/ansible/group_vars/all.yml config_strategy is COPY_ALWAYS
In kolla/etc/kolla/globals.yml the default value shown is COPY_ONCE

TrivialFix

Change-Id: If7000b811715c6cb84af3539cb522c22d31dc03b
2016-03-08 10:37:36 -05:00
Jenkins
32ce37cb8f Merge "Fix horizon with ssl" 2016-03-04 23:17:52 +00:00
SamYaple
dd8e1cb2ee Fix horizon with ssl
Ubuntu did not have mod_headers enabled by default

Remove unused variable and adjust 'when' conditional positioning

TrivialFix

Change-Id: I82b8724526c24f4481a80165520d624f6a02c336
2016-03-04 14:51:50 +00:00
Jeffrey Zhang
e6b230d784 Add authentication for keepalived
TrivialFix

Closes-Bug: #1551314
Change-Id: Id85859500aec283703b6b6714abf213a42286182
2016-03-04 21:28:01 +08:00
Dave McCowan
3daded6242 Add TLS protection on external API endpoints
TLS can be used to encrypt and authenticate the connection with
OpenStack endpoints.  This patch provides the necessary
parameters and changes the resulting service configurations to
enable TLS for the Kolla deployed OpenStack cloud.

The new input parameters are:

kolla_enable_tls_external: "yes" or "no" (default is "no")
kolla_external_fqdn_cert: "/etc/kolla/certificates/haproxy.pem"
kolla_external_fqdn_cacert: "/etc/kolla/certificates/haproxy-ca.crt"

Implements: blueprint kolla-ssl

Change-Id: I48ef8a781c3035d58817f9bf6f36d59a488bab41
2016-03-03 14:44:37 -05:00
Mauricio Lima
9786fd646f Add ansible support for Manila
Co-Authored-By: Marc Koderer <marc@koderer.com>
Change-Id: I16bab281f2eca341b7a649f766bae5f2cf18a117
Partially-Implements: blueprint enable-manila-containers
2016-03-01 10:55:47 -05:00
SamYaple
4edd0baf8d Remove keystone admin token
Admin token has been deprecated upstream. It will be removed in O. We
switch over to the new `keystone-manage bootstrap` method for creating
the initial admin user, role, and project.

Co-Authored-By: Sam Yaple <sam@yaple.net>
Change-Id: I6ca90e8d4c3b71009e24b049b2efbc08c05ebfbf
2016-03-01 00:14:06 +00:00
SamYaple
d3cfb2052a Change kolla_internal_address variable
Due to poor planning on our variable names we have a situation where
we have "internal_address" which must be a VIP, but "external_address"
which should be a DNS name. Now with two vips "external_vip_address"
is a new variable.

This corrects that issue by deprecating kolla_internal_address and
replacing it with 4 nicely named variables.

kolla_internal_vip_address
kolla_internal_fqdn
kolla_external_vip_address
kolla_external_fqdn

The default behaviour will remain the same, and the way the variable
inheritance is setup the kolla_internal_address variable can still be
set in globals.yml and propogate out to these 4 new variables like it
normally would, but all reference to kolla_internal_address has been
completely removed.

Change-Id: I4556dcdbf4d91a8d2751981ef9c64bad44a719e5
Partially-Implements: blueprint ssl-kolla
2016-02-26 20:00:09 +00:00
Dave McCowan
34c2cb8e64 Implement Option for Two VIPs to separate API traffic
To improve security, operators have asked for two VIPs for
their cloud.

VIP 1 is the internal VIP that can reach internal and admin endpoints.
In addition, the internal VIP can also reach other internal services,
such as the database and message services.
VIP 2 is the external VIP that can only reach public endpoints.

With one VIP only, all services are reached at the same address.

To add a second VIP, this patch adds two new configuration parameters.

kolla_external_vip_address: is an IPv4 address to use for created VIP
kolla_external_vip_interface: is the network interface to use for VIP
In this scenario, the first VIP (the internal VIP), is defined by
the original parameters (kolla_internal address and network_interface).

When using two VIPs, the existing kolla_external_address parameter
should be/point to/resolve to the kolla_external_vip_address.

Closes-bug: 1535333

Change-Id: I5bfcefaf7899298455cdade8209c34324aebfecb
2016-02-24 09:18:06 -05:00
Jenkins
84f43146dc Merge "Use uppercase 'S' in word "OpenStack"" 2016-02-15 16:23:37 +00:00
venkatamahesh
70de590a11 Use uppercase 'S' in word "OpenStack"
Change-Id: I27ca0ea75f3d6a4371c91b3cb2c7a999ec90fbc4
2016-02-15 12:37:30 +00:00
Jeffrey Zhang
10172ec311 Remove the openstack_release option in the globals.yml file
Normally, the end user should not change this.

TrivialFix

Change-Id: Ida74ed0e5ae3ff689e2acbafb9d491341bbbcf91
2016-02-12 16:21:00 +08:00
Mauricio Lima
d7ffd1971c Add double quotes in ceph_cache_mode
TrivialFix

Change-Id: I73f780d72fc30ff3adf3e70ed03361dcb76b451d
2016-02-03 12:50:12 -05:00
SamYaple
e7dfd63bfc Create nova-api database
This is a required patch.

Kilo introduced a nova-api database but didn't use it. [1]
Mitaka now uses it and has broken booting instances. [2]

[1] https://wiki.openstack.org/wiki/ReleaseNotes/Kilo#OpenStack_Compute_.28Nova.29
[2] df0fca62cf/releasenotes/notes/request-spec-api-db-b9cc6e0624d563c5.yaml

Change-Id: If0a7f4ba4937fab8d60f5236ca00db06faa768c7
Closes-Bug: #1540579
2016-02-02 21:56:54 +00:00
Ice Yao
e1ff26612f remove option verbose define in defaults/main.yml
References: https://review.openstack.org/#/c/269042/

TrivialFix

Change-Id: Ief08781342a06f956fc4cf00ba4383759da8c897
2016-01-20 16:17:05 +08:00
malei
bdda9e40ea Fix typos in docstrings:
Change 'formating' to 'formatting'
change 'seperate' to 'separate'

Change-Id: I3093461c91cc71654c3ba86d7d662259262c09f5
2015-10-20 17:23:05 +08:00
Jenkins
46ceb9fccc Merge "Remove the kolla-build.conf" 2016-01-08 03:22:18 +00:00
Jeffrey Zhang
781eefeccf Remove the kolla-build.conf
use tox -e genconfig to generate this file

DocImpact

Closes-Bug: #1531202
Change-Id: I3a6e57c3cc48aeb3a45a055b173207ea6e214960
2016-01-07 21:06:22 +08:00